JBS USA, the world’s largest meat supplier, says it was the target of an “organized cybersecurity attack.”
In a statement, JBS, which has its U.S. headquarters in Greeley, Colorado, said the attack affected some of its servers supporting its North American and Australian IT systems.
“The company took immediate action, suspending all affected systems, notifying authorities and activating the company’s global network of IT professionals and third-party experts to resolve the situation,” the company said in its statement. “The company’s backup servers were not affected, and it is actively working with an Incident Response firm to restore its systems as soon as possible.”
How consumers might be impacted by the attack was not immediately known Monday.
Earlier in the month, a cyberattack on the Colonial Pipeline, a key artery in the nation’s energy infrastructure, temporarily disrupted the transportation of fuel in the Southeastern U.S. It triggered panic-buying of gasoline and led to gas shortages.
JBS, which is a leading processor of beef, pork and other prepared foods in the U.S., said it “not aware of any evidence at this time that any customer, supplier or employee data has been compromised or misused as a result of the situation.”
Bloomberg reported Monday that the JBS incident affected a Canadian beef plant in Brooks, Alberta, about 118 miles east of Calgary, according to a spokesperson for United Food and Commercial Workers Local 401.
JBS says it has 84 U.S. properties and the company owns facilities in 20 countries.
“Resolution of the incident will take time, which may delay certain transactions with customers and suppliers,” JBS said.
‘Nothing is safe’
The one-two punch of the recent cyberattacks “shows that nothing is safe,” said former senior Department of Homeland Security official Paul Rosenzweig. “Not the meatpacking industry, not the chemical industry, not the wastewater treatment industry, not Sony. Nothing.”
“And the only way to be safe in this world is to unplug completely. And you can’t do that and be economically competitive,” added Rosenzweig, a Cybersecurity and Emerging Threats senior fellow at the non-partisan R Street Institute public policy research organization in Washington, D.C.
Rosenzweig said that the Colonial Pipeline cyberattack, and the ransom paid by the company, has clearly emboldened non-state actors to strike at potentially bigger and more financially vulnerable targets, including JBS.
“Until they actually pay consequences, they’ll keep doing it,” he said. “I mean, the Colonial guys got away with $50 million or whatever it was – not bad for a week’s work. Who knows what the JBS guys might get away with?”
“So long as the internet is a place of anonymity, the criminals will be able to act with impunity,” Rosenzweig added. “And why would they stop?”